<?php
include("config.php");
$valid_extensions = array('jpeg', 'jpg', 'png', 'gif', 'bmp'); // valid extensions
$path = 'uploads/'; // upload directory
if(isset($_FILES['image']))
{
$img = $_FILES['image']['name'];
$tmp = $_FILES['image']['tmp_name'];
// get uploaded file's extension
$ext = strtolower(pathinfo($img, PATHINFO_EXTENSION));
// can upload same image using rand function --> rand(1000,1000000) - uniqid()
$final_image = rand(1000,1000000).uniqid().$img;
// check's valid format
if(in_array($ext, $valid_extensions))
{
$path = $path.strtolower($final_image);
if(move_uploaded_file($tmp,$path))
{
$query = $db->prepare("INSERT INTO image SET
image_name = ?");
$insert = $query->execute(array(
"$final_image"
));
echo "<img src='$path' />";
echo "<input type='hidden' value='$final_image' disabled id='file-value' />";
}
}
else
{
echo 'invalid';
}
}
?>